Unable to Access Encrypted Files After Using Sysprep.exe

Article translations Article translations
Article ID: 288348 - View products that this article applies to.
This article was previously published under Q288348
This article has been archived. It is offered "as is" and will no longer be updated.
Expand all | Collapse all

SYMPTOMS

If you encrypted files on a Windows 2000-based computer by using Encrypting File System (EFS), you may lose the ability to access or decrypt these files if you run the System Preparation tool (Sysprep.exe) on the computer.

CAUSE

This behavior occurs because the System Preparation tool changes the security identifiers (SIDs) for the local machine and user accounts. After the System Preparation tool alters the SIDs, the old encryption keys no longer work. This is also true for the local administrator account, which is the default recovery agent for encrypted files.

WORKAROUND

To avoid this behavior, do not run Sysprep.exe on computers that have EFS-encrypted files. If you must run Sysprep.exe on a computer that has EFS-encrypted files, back up the local administrator's EFS Private key before you run Sysprep.exe, and then restore it afterwards. For additional information about how to do this, click the article numbers below to view the articles in the Microsoft Knowledge Base:
241201 HOW TO: Back Up Your Encrypting File System Private Key in Windows 2000

STATUS

This behavior is by design.

MORE INFORMATION

If your computer is a member of a Windows 2000-based domain and you encrypted the files by using a domain user account, you can use the EFS Recovery Agent for your domain to recover the encrypted files.

Microsoft does not recommend using Sysprep.exe on computers that are already part of a domain.

REFERENCES

For more information about Sysprep.exe, go to the following Microsoft Web site:
http://technet.microsoft.com/en-us/library/bb457073.aspx

Properties

Article ID: 288348 - Last Review: October 23, 2013 - Revision: 3.4
APPLIES TO
  • Microsoft Windows 2000 Server
  • Microsoft Windows 2000 Professional Edition
Keywords: 
kbnosurvey kbarchive kbenv kbprb KB288348

Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from smallbusiness.support.microsoft.com